Official statement regarding recent Greg’ commit 6e90b675cf942e from Serge Semin
Hello Linux-kernel community,
I am sure you have already heard the news caused by the recent Greg’ commit 6e90b675cf942e (“MAINTAINERS: Remove some entries due to various compliance requirements.”). As you may have noticed the change concerned some of the Ru-related developers removal from the list of the official kernel maintainers, including me.
The community members rightly noted that the quite short commit log contained very vague terms with no explicit change justification. No matter how hard I tried to get more details about the reason, alas the senior maintainer I was discussing the matter with haven’t given an explanation to what compliance requirements that was. I won’t cite the exact emails text since it was a private messaging, but the key words are “sanctions”, “sorry”, “nothing I can do”, “talk to your (company) lawyer”… I can’t say for all the guys affected by the change, but my work for the community has been purely volunteer for more than a year now (and less than half of it had been payable before that). For that reason I have no any (company) lawyer to talk to, and honestly after the way the patch has been merged in I don’t really want to now. Silently, behind everyone’s back, bypassing the standard patch-review process, with no affected developers/subsystem notified - it’s indeed the worse way to do what has been done. No gratitude, no credits to the developers for all these years of the devoted work for the community. No matter the reason of the situation but haven’t we deserved more than that? Adding to the GREDITS file at least, no?..
I can’t believe the kernel senior maintainers didn’t consider that the patch wouldn’t go unnoticed, and the situation might get out of control with unpredictable results for the community, if not straight away then in the middle or long term perspective. I am sure there have been plenty ways to solve the problem less harmfully, but they decided to take the easiest path. Alas what’s done is done. A bifurcation point slightly initiated a year ago has just been fully implemented. The reason of the situation is obviously in the political ground which in this case surely shatters a basement the community has been built on in the first place. If so then God knows what might be next (who else might be sanctioned…), but the implemented move clearly sends a bad signal to the Linux community new comers, to the already working volunteers and hobbyists like me.
Thus even if it was still possible for me to send patches or perform some reviews, after what has been done my motivation to do that as a volunteer has simply vanished. (I might be doing a commercial upstreaming in future though). But before saying goodbye I’d like to express my gratitude to all the community members I have been lucky to work with during all these years.
Later in that thread:
Please accept all of our apologies for the way this was handled. A summary of the legal advice the kernel is operating under is
If your company is on the U.S. OFAC SDN lists, subject to an OFAC sanctions program, or owned/controlled by a company on the list, our ability to collaborate with you will be subject to restrictions, and you cannot be in the MAINTAINERS file.
Anyone who wishes to can query the list here: https://sanctionssearch.ofac.treas.gov/
Which is exactly what anyone who wasn’t wanting to just snort some concentrated outrage knew was the case.
And you can argue as to if OFAC list should apply to things like this or not, but the problem is that the enforcement options for OFAC violations include ‘stomp you into the ground until you’re powder’, most people are just going to comply.
Also from that thread.
Again, we’re really sorry it’s come to this, but all of the Linux infrastructure and a lot of its maintainers are in the US and we can’t ignore the requirements of US law. We are hoping that this action alone will be sufficient to satisfy the US Treasury department in charge of sanctions and we won’t also have to remove any existing patches.
US law CAN’T apply on foreign ground, period. Nothing can. Just because they can bully their way around that, doesn’t mean they are right.
And it should be only fair that Israeli maintainers be removed as well.
They should also rethink their infrastructure policy and whether they still want it on US soil.
This is all wishful thinking, I know, but this just goes to show you how they have absolutely no backbone whatsoever. As if anybody is gonna touch the Linux kernel and jeopardize the safety of millions of systems. We all know that is never going to happen, but they still bent over for the US… so typical… just goes to show you how little backbone everyone has, including Linus.
Oh, and don’t get me started on the Russia/Finland history comment…
Does everyone here just not understand how international sanctions work?
As someone with a STEM degree in a STEM field, I’m consistently bummed out by how clearly silo’d my colleagues’ educations were. It is so plainly obvious as soon as you try to have a conversation with them about anything outside of their area of expertise.
And don’t bother trying to correct or teach them anything, because in their minds, they’re smarter than you, and you have nothing worthwhile to teach them.
This thread is full of software engineers with just no concept of how society functions, or even a basic understanding of the geopolitical context of any of this.
This thread is full of software engineers with just no concept of how society functions, or even a basic understanding of the geopolitical context of any of this.
The whole idea of open source is that you can contribute without restrictions and regardless where you live.
That is not the whole idea. The whole idea is you can see the source code. There are plenty of Open source projects that are only one person and they don’t except help from anyone.
That’s shared source, look it up, it has nothing to do with open source.
I don’t think free software/open source has ever guaranteed the ability to maintain a specific project. Only the freedom to modify the software. They haven’t been stripped of that core freedom from the GPL which is the closest thing there to what I think you’re talking about.
They have been stripped of a role because of a thing that has nothing to do with their competence to contribute to the project. Quality of code is all that matters in open source, not who you are or who you work for.
Philosophically I agree, but legally the reality is different.
If the company is in the USA they can restrict who you colloborate with. They also can control what you export as a oftware product under ITAR/EAR rules. It is why when some encryotion work had to be done the devs crossed the border into Canada to work on development, because under USA law encryption code is a controlled export product even if opensource
Then why in the hell was the LF founded in the US? That is something that clearly needs explaining. For example, Sweden is a much better place to do these sorts of things, their software laws are very liberal.
Some of these things need to be rethought if you ask me, this is not something that should be left like this. If no one in the kernel, including Linus, doesn’t see a serious problem with “we have to move people around to code”, then most of these people are probably braindead… I’m sorry, but if it was me, once I found out I had to move devs around to code, I would have been “fuck this we’re moving the foundation”.
You might be surprised to learn that Sweden also has sanctions against Russia, together with the rest of the EU, Norway, Switzerland, Japan, Australia, South Korea and a bunch of other countries. Because this is not about the US being an ass, it’s about Russia being an ass.
I wasn’t saying that Russia is not an ass, I was just saying that the whole point of open source is that it’s above borders and nationalities, religion, sexual orientation, etc. It should be an imperative to keep these core values, not bend over backwards when even no warning has been issued, which I’m fairly certain it would have never happened. And on top of that, Linus’es reaction to them being Russian, I mean… come on!
Where does this idea the open source is not political and above boarders. Open source is very political in its nature.
I’m sorry but that is absolutely not “the whole point of open source”.
The point of open source is the ability to read, modify, keep and share the source code of the software you use.
Thats a good point. I think its probably because most of the corporations who fund and contribute to the kernel are American, and coordinating financial and physical contributions would be complicated across borders. Just a hypothesis though.
But moving people around to code isn’t 🤨? I’m sure it far easier to justify a donation than to book plane tickets and find places for the devs where to stay. And to be perfectly honest, the whole point of open source is “you can contribute from anywhere”. The first time I would’ve encountered the move people around problem, I would have been “this is not the point of open source, it goes against the very spirit of it, we have to do something about this”.
Don’t know if it would help as there are international sanctions against Russia.
Not everywhere. I seriously doubt Cuba has sanctions against anyone.
I agree it might be better elsewhere. (Like how my preference is Protonmail being hosted by a neutral country based company) But so I don’t mislead, my encryption example was generic, not specific to linux kernel…however any novel encryption does have to be noted to NSA and other organizarions in the USA. Canada has something similar but it appeared less strigent, and adjustments have been made between the bordering countries. I personally diaagree that encryption should have government hand in it, it solves nothing. A foreign state actor wanting to send encrypted communications to overthrow another entity isn’t going to follow software laws anyway.
Like how my preference is Protonmail being hosted by a neutral country based company
I also use Protonmail because of this. Sure, the free plan is not really great, but I only keep important stuff, so I don’t get over the 500MB limit, I delete or archive the rest.
kernel…however any novel encryption does have to be noted to NSA and other organizarions in the USA
That may be true, but only if you’re a US citizen. For example, my country doesn’t have such regulations. In the end, if it’s open source, it shouldn’t matter whether I report stuff like that to any organization. It’s open source, look it up, it’s on a git repo online freely for everyone to review the code.
A foreign state actor wanting to send encrypted communications to overthrow another entity isn’t going to follow software laws anyway.
Exactly. As if hacking and DDOSing are legal 😒. It’s just throwing money away on some people doing pointless things.
On the other hand, having a ln encryption technologies taskforce makes sense IMO. Watching over what’s going on in the open source world regarding cryptography, yeah, that is something that can actually be useful… for the country’s cyber-security I mean.
Israel is not against the US at this point. Russia and the US are in a war with Ukraine being the middle man. Look at what the US did to Hauwei sanctioned it and forbid any us company from doing business with it. Basically none of the world could use the phones. All the tech the world is using is American so they get to say what any country can do.
What? Almost none of the tech where I live is from the US. Not to mention that Samsung is the biggest contender to Apple in the US and they’re more or less 50/50 with market share ATM.
The US is losing the war on world domination, something they were winning the past century or so, and they don’t like that. That’s basically the only reason any of this is happening. The war is just an excuse. As always, they would rather have Russia and China out of the picture than having to compete with them… because they can’t, especially not with China.
Oh hey, a reasonable comment here that actually has a decent score… These comments are wild. But given the recent… I’ll just say, conspicuously pro-Russian, turn this site seems to have taken in the run up to the election, it’s not exactly a surprise.
I’m shocked I didn’t get downvoted to shit myself.
It’s just that it was VERY clearly either sanctions or a NSL, since the Linux Foundation is in the US and the two things that result in a public entity like that making silent, un-explained changes are, well, sanctions and NSLs and you don’t say shit because your lawyer told you not to.
I don’t necessarily agree that tossing contributors off an open-source project is in the spirit of the OFAC list, but the problem almost certainly is that they’re employed by some giant tech company in Russia.
And, in Russia, like in the US, and Israel, and China, and anywhere else you care to mention, tech companies are almost always involved in military supply chains, since shit don’t work without computers at this point.
Which leads to a cycle of being unable to work with Weapons, Inc. and someone works for Weapons, Inc. so now that person can’t be worked with either and so your choices are… comply with the OFAC list, or take a stupid amount of legal risk up to and including angry people with guns showing up to talk to you.
We really don’t know the whole story and immediately jumping to “Imperialists bad!” is how certain chunks of Lemmy roll these days.
I think they’d be much happier if they all moved to North Korea and helped achieve the goal of Juche by becoming dirt farmers.
But folks who work for US companies building weapons for Israel are totes okay?
It’s honestly fucking wild that an internationally developed open source project has to play by the US government’s rules when the US government is out here helping commit genocide right the fuck now.
Like, look in the fucking mirror on this why don’t you.
Maybe the better rule is that if you work for a company that produces weaponry for war you shouldn’t be allowed to contribute, period.
You may be amazed to learn that there aren’t many international sanctions against the USA at this time, but I imagine you could probably get into legal trouble for collaborating with Americans if you’re in, I don’t know, North Korea maybe.
You may be amazed to learn that the reason there aren’t many international sanctions against the USA at this time is not because the USA is a beacon of peace, freedom, democracy, and national sovereignty. Because the US is very much not that.
Well it’s by far the biggest economy in the world and the whole world uses the tech developed in the US. sanction them and they could cut off your access to technology.
That’s beside my point, but since you brought it up, the US is not the world’s largest economy, and China & Russia seem to be doing alright despite US sanctions, including technology sanctions. The US is no longer the indispensable nation; that ship sailed a while ago.
US isn’t helping fund a genocide in Israel or anything! /s
Address your complaints to the government of the USA. Or, if you have the right to do so, cast a vote in the upcoming election there to prevent it taking a big step in the opposite direction from a world in which it might consider anything like similar sanctions against Israel.
“Write a stern letter to a foreign government” and “Vote against ‘very probable 101% genocide’ and for ‘proven 100% genocide’” are some weak tea, and beside the point being made.
Your particular complaints are better addressed to almighty God I suppose. So long as you don’t blame linux kernel devs for them it’s all the same to me.
Oh look, a bad faith argument about the upcoming election from someone who I’ve tagged for making bad faith arguments about the upcoming election. Fun.
What are you even trying to say here?
Do you think you’ve unraveled some massive conspiracy simply by learning about the existence of Western hegemony?
Maybe the better rule is that if you work for a company that produces weaponry for war you shouldn’t be allowed to contribute, period.
This is something I can actually get behind on.
But, you see, there is just one teeency weeency tiny problem with that. They spend trucks of cash on whatever they deem will give them what they want, including funding organizations that they profit from.
But folks who work for US companies building weapons for Israel are totes okay?
Who here said this?
You want the World Bank to bail out your economy post-pandemic, you gotta accede to some tough demands
It sucks if well meaning people are caught up in this, but it also sucks if you’re living in the aggressor state of an ongoing war.
Yeah must suck to live in Israel.
I don’t want to defend Israel, but their current war is a defensive one, no?
So shouldn’t this also include the US and the many countries (most of Western Europe, plus others) involved in coalitions bombing the middle east and elsewhere?
Yes, if the issue was a moral one. This issue, however, is a legal one.
Then it isn’t about living in an aggressor state, is it?
It is but doesn’t mean it has to apply to every country equally. This isn’t a movie everything isn’t black and white. We had a nice run where everyone was working together or are last tolerating each other, it was peaceful. But the US Russia and China are drifting further apart and becoming less reliant on each other, which sadly means it’s not going to be as peaceful going forward. Also they are not going to tolerate each other as much China Russia already have their versions of Linux distorts just imagine there might be more differences in the future.
We had a nice run where everyone was working together or are last tolerating each other, it was peaceful. But the US Russia and China are drifting further apart and becoming less reliant on each other, which sadly means it’s not going to be as peaceful going forward.
At which point was it “peaceful”? The US invaded 3 countries around then and bombed and couped many more. Millions were killed.
Also they are not going to tolerate each other as much China Russia already have their versions of Linux distorts just imagine there might be more differences in the future.
Yes this will eventually lead to forks due to the US forcing decoupling. It is a highly aggressive terrorist state.
Whataboutism isn’t a very convincing argument.
It is if you’re biased.
I’m not biased and I’m not picking a side, but there is a lot of whataboutism is this thread and I stand by my stance that it is a weak argument and a logical fallacy.
US and EU double standards is what this whataboutism is all about. I can state this for a fact, since my country is also in this pickle because of EU double standards. And it is constructive if you have a valid reason to raise the issue. There is a valid reason to raise this issue.
Can you use your own words to demonstrate why my argument isn’t convincing? What’s not convincing is throwing around the word “whataboutism” and thinking that’s an argument.
Yeah probably… But that’s a separate discussion isn’t it?
How is it a separate discussion?
Because this isn’t a post about the results of sanctions against the US?
No it isn’t. Read the comment I replied to.
Honestly must be incredibly stressful managing a project like the Linux kernel. Governments constantly wanting changes made for their own purposes, companies leeching off the work of volunteers, neck beards losing their minds over some change they don’t like.
I don’t envy them at all. This sort of change was inevitability going to piss people off - it could have been handled better but I think it was going to be lose/lose no matter which way it was done.
I personally think this is a cop out. Obviously people would have been outraged either way, but personally my only issue is about how it was done. The whole point of the FOSS community is openness and transparency. The senior maintainers of arguably the most important FOSS project trying to operate secretively on something like this has shattered my trust in them, as well as many others.
The senior maintainers of arguably the most important FOSS project trying to operate secretively on something like this has shattered my trust in them, as well as many others.
Basically, my stand on this.
And that it was dismissed like it was “no big deal” by Linus and some of the other senior maintainers.
But seriously, Linus’s comment regarding this was… just… I have no words… he basically put every Russian in the same basket, called them trolls and added a racist comment on top of that, I mean… yeah, I lost all respect for him. At least his previous fits were about code and only if someone fucked up something, this is completely different.
It’s pretty hard to be open and transparent when 2 men with guns and black suits are sitting at your kitchen table.
We don’t know if that happened, but given the speed this happened and the us being the us…
If it breaks that they had a long runway of knowing this had to happen, then sure bring out the pitchforks, but imo we should default to this happening under heavy pressure to act immediately.
neck beards losing their minds over some change they don’t like.
Ughhh, it was so infuriating hearing that guy rant about how Rust was bad and was trying to take over at that conference. I felt so bad for the speaker.
Wait linux community is removing maintainters because of their nationality???!!
Not nationality but alleged involvement with sanctioned organizations. There are plenty of Russian names on maintainers list remaining.
All the responses from the Russian devs appear to skirt around the issue, the massive elephant in the room.
If I were removed due to sanctions against my country because of their invasion of another country, I wouldn’t feel I had any right to complain.
If I were to complain, it would be about the actions of my country and the consequences due to that, rather than acting like it’s outrageous to be removed.
I understand making those complaints is complicated for a Russian, but giving backlash like this really does give the impression that they don’t give a shit about, or even support, the invasion.
Are we going to remove Israel maintainers from the list since IDF soldiers are using Palestinians as human shields?
Oh, no, because US is okay with that genocide?
It’s really more about how clearly fucking hypocritical it is.
So you think they’re against the invasion of Ukraine, and would like to see Israel hit with sanctions as well?
Because that wasn’t the impression I was getting.
I think we can all agree that what Russia and Israel are doing is horrific. Israel should be sanctioned as well, rather than letting Russia off…
That’s literally what I suggested elsewhere here: If you work for ANY company in ANY country that produces weapons for war for ANY government, that they shouldn’t be allowed to contribute.
Because that at the very least would be consistent.
Wouldn’t that stop nearly every country from being able to contribute?
Sounds like a convoluted way of saying to just let the Russians off, veiled as some over the top “consistency” argument.
Maybe let’s do that tho, and just start with Russia 😆
Way to purposefully misread it.
The whole issue is that the Russians work for companies with sanctions against them.
So, treat all companies involved in war the same way, and you’ll never run into this hypocritical issue again.
There’s plenty of companies (like Valve) who don’t directly produce weapons of war or have contracts with their governments for war-services who contribute to Linux that could still do so, and plenty of individuals who don’t work for military and military adjacent companies to contribute.
Acting like removing people who work at companies that contribute to wars will mean no one can contribute is obviously a grossly exaggerated misinterpretation.
That’s not completely unreasonable tbh, but I still think the current sanctions are fair if not perfect.
I didn’t purposely misread, this part was just a bit unclear:
If you work for ANY company in ANY country that produces weapons for war
Looking at what you quoted, that’s fair and can see how you misread it as such. I am sorry I said that it was purposeful.
But the US is never going to sanction itself.
Google or Microsoft employees wouldn’t be able to contribute, even if they’re not working with any weapons manufacturer during their entire career there.
The idea is great in theory but isn’t in feasible in rl.
This is the real world and you can think it ducks and it does but when your the 20000 pound gorilla in the room and there is nobody anywhere near your size you can do whatever the he’ll you want. And the US is that Gorilla. The whole world uses their tech in someway and their economy is by far the largest in the world. US is even looking at TSMC and selling chips to China cause the equipment TSMC uses to make chips is made by American companies.
- basmati ( @basmati@lemmus.org ) English27•5 months ago
There are no sanctions against these individuals. More importantly who gives a shit about what the US is whining about today or tomorrow, foss software is more important than whatever petty dispute the US egged on this time.
Most FOSS contributions are probably done by American companies. I don’t think people realize how many kernel developers are paid by someone to go it.
- basmati ( @basmati@lemmus.org ) English2•5 months ago
Nope, a decent amount are Chinese. Or European. American companies of course do fund foss so they don’t have to develop much themselves, but it’s certainly not most.
Again they have forgotten to remember the existence of people living outside the western bloc
byeeeeeeee
o7